Skip to main content

Free download XSS SHELL v0.3.8

XSS SHELL v0.3.8

WHAT IS XSS SHELL ?
XSS Shell is powerful a XSS backdoor and zombie manager. This concept first presented by "XSS-Proxy - http://xss-proxy.sourceforge.net/ ". Normally in XSS attacks attacker has one shot, in XSS Shell you can interactively send requests and get responses from victim. you can backdoor the page. 



You can steal basic auth, you can bypass IP restrictions in administration panels, you can DDoS some systems with a permanent XSS vulnerability etc. Attack possibilities are limited with ideas. Basically this tool demonstrates that you can do more with XSS.

FEATURES
XSS Shell has several features to gain whole access over victim. Also you can simply add your own commands. 


Most of the features can enable or disabled from configuration or can be tweaked from source code.


Features;
- Regenerating Pages
- This is one of the key and advanced features of XSS Shell. XSS Shell re-renders the infected page and keep user in virtual environment. Thus even user click any links in the infected page he or she will be still under control! (within cross-domain restrictions) In normal XSS attacks when user leaves the page you can't do anything.
- Secondly this feature keeps the session open so even victim follow an outside link from infected page session is not going to timeout and you will be still in charge.
- Keylogger
- Mouse Logger (click points + current DOM)


Built-in Commands;
- Get Keylogger Data
- Get Current Page (Current rendered DOM / like screenshot)
- Get Cookie
- Execute supplied javaScript (eval)
- Get Clipboard (IE only)
- Get internal IP address (Firefox + JVM only)
- Check victim's visited URL history
- DDoS
- Force to Crash victim's browser

INSTALL
XSS Shell uses ASP + MS Access database as backend but you can simply port them into any other server-side solution. You just need to stick with simple communication protocol.




Install Admin Interface;


1. Copy "xssshell" folder into your web server
2. Copy "db" to a secure place (below root)
3. Configure "database path" from "xssshell/db.asp"
4. Modify hard coded password in db.asp [default password is : w00t]
5. Now you can access admin interface from something like http://[YOURHOST]/xssshell/




Configure XSS Shell for communication;
1. Open xssshell.asp
2. Set "SERVER" variable to where your XSSShell folder is located. i.e: "http://[YOURHOST]/xssshell/";
3. Be sure to check "ME", "CONNECTOR", "COMMANDS_URL" variables. If you changed filenames, folder names or some kind of different configuration you need modify them.


Now open your admin interface from your browser,
To test it, just modify "sample_victim/default.asp" source code and replace "http://attacker:81/release/xssshell.js" URL with your own XSS Shell URL. Open "sample_victim" folder in some other browser and may be upload in to some other server.


Now you should see a zombie in admin interface. Just write something into "parameters" textarea and click "alert()". You should see an alert message in victim's browser. 

SECURITY NOTES
- As a hunter be careful about possible "Backfire" in getSelfHTML(). Someone can hack you back or track you by another XSS or XSS Shell attack.
- Checkout "showdata.asp" and implement your own "filter()" function to make it safer for you.


- Put "On error resume next" to db.asp, better modify your web server to not show any error.

HOW CAN YOU EXTEND?
First implement it to xssshell.asp
1) Add new enum for your control
- Set a name and unique number like "CMD_GETCOOKIE"
- var CMD_SAMPLE = 78;
- Set datatype for your response (generally TEXT), 
- dataTypes[CMD_SAMPLE] = TEXT;
2) Write your function and add it to page
- function cmdSample(){return "yeah working !"}
3) Call it
- Go inside to "function processGivenCommand(cmd)"
- Add a new case like "case CMD_SAMPLE:"
4) Report it back
- Inside the case call log;
"log(cmdSample(), dataTypes[cmd.cmd], cmd.attackID, "waitAndRun()");"
Secondly Implement it to admin interface;
- In db.asp just add a new element to "Commands" array (command name, command unique number, description). 
i.e. "cmdSample()",78,"Command sample ! Just returns a message"




There are parameters and lots of helper in the code. Check out other commands for reference. 
Enable debug feature to debug your new commands easily.

KNOWN BUGS;
- Keylogger is not working on IE
- Possibly not going to work for framed pages because of frame regeneration.
- Not working on Konqueror

Password: hackingtricks
Download Here:
Labels:

Comments

Post a Comment

Popular posts from this blog

How To Hack Gmail Account Password Working 100 Percent

1st.. NOTE: This is for Educational Purpose Only. hackingfreaks.in is not responsible for any damage done by You. Things That you Need for Hacking Gmail Account Password: 1. Gmail Phisher 2. Free Web hosting Site 3. Little bit of manual Work :P Introduction to Phishing:- If you know little bit of Hacking then Its must for you know About Phishing i.e What is Phishing and how it works and most important How you can protect yourself from getting into the Trap. I will try to explain all of these in my article. First of all What are Phish pages and what is phishing?? Phish pages are basically the fake pages or virtual pages that looks similar to the original website Page. The only difference is the batch program running in the background i.e Original Webpage sends requests to Gmail server while Phish Page sends request to hacker’s php server. Now Phishing is a password hacking technique commonly used by hackers using phish pages that looks similar to original web page. The only
5 comments
Read more

BitDefender Internet Security 2011 With Crack

With the 2011 version of BitDefender Internet Security, a lot of attention has been given to creating a personalized user experience. In addition to the proven effectiveness of the software’s antivirus, antispam and online security measures, the program is fully functional in its default modes but it’s also easily customizable to meet your specific requirements. Just a few minutes after installation, your PC will be protected by one of the best internet security suites around. What you do with the new personalized dashboard is up to you.   BitDefender Internet Security suites offer comprehensive PC protection at an extremely competitive price. For an unbreakable internet security solution that catches malware of every stripe—from viruses to spyware—BitDefender Internet Security 2011 is hard to beat, and is well deserving of the TopTenREVIEWS Silver Award. This year’s version includes souped up security features, realtime search results analysis and enhanced support featur
1 comment
Read more

Microsoft Office 2010 Professional Plus Version 14.0.4760.1000 RTM

Download :  http://adf.ly/EtJz Microsoft Office 2010 Professional Plus Version 14.0.4760.1000 RTM  From Wikipedia Developer(s) Microsoft Initial release June 15, 2010 (2010-06-15) Stable release Build 14.0.4763.1000 / June 15, 2010; 3 months ago (2010-06-15) Operating system Windows 7 Windows Server 2008 Windows Vista with Service Pack 1 Windows Server 2003 R2 Windows XP with Service Pack 3 (32-Bit only) Platform Microsoft Windows (Intel x86 32-bit/64-bit) Microsoft Office 2010 is a productivity suite for Microsoft Windows and the successor to Microsoft Office 2007. Office 2010 includes extended file format support user interface updates and a refined user experience. With the introduction of Office 2010, a 64-bit version of Office is available, although not for Windows XP or Windows Server 2003. Office 2010 does not support Windows XP Professional x64 Edition. On April 15, 2010, Office 2010 was released to manufacturing, with those Volume Licensing customers who have Software Assuran
Post a Comment
Read more